Subscribe to the latest research through IGI Global's new InfoSci-OnDemand Plus

InfoSci®-OnDemand Plus, a subscription-based service, provides researchers the ability to access full-text content from over 93,000+ peer-reviewed book chapters and 24,000+ scholarly journal articles covering 11 core subjects. Users can select articles or chapters that meet their interests and gain access to the full content permanently in their personal online InfoSci-OnDemand Plus library.

When ordering directly through IGI Global's Online Bookstore, receive the complimentary e-books for the first, second, and third editions with the purchase of the Encyclopedia of Information Science and Technology, Fourth Edition e-book.

InfoSci®-Journals Annual Subscription Price for New Customers: As Low As US$ 4,080*

This collection of over 185 e-journals offers unlimited access to highly-cited, forward-thinking content in full-text PDF and HTML with no DRM. There are no platform or maintenance fees and a guarantee of no more than 5% increase annually.

Abstract

Mainly justified by the growing concern about vulnerabilities of IT systems, some new technologies are being integrated into computing devices, for realizing so-called Trusted Computing systems. However, they are raising questions about intrusive cyber-control over individual user activities and data, but also about consequences in cyber-war scenarios. The aim of this article is to confront Trusted Computing systems with distributed Trust Management systems, which realize access control for local resources on the basis of delegation of access rights, according to local trust decisions. Both technologies are discussed from various points of view: architecture, vision, ethics, politics and law. Some experimentations are also presented, to show the applicability of Trust Management techniques to modern Service-Oriented Architectures.

Article Preview

Trusted Systems

Regarding the basic architecture and functioning of Digital Rights Management systems, various so-called “Rights Expression Languages” have been proposed, for the management of digital rights for media content distribution. These languages and frameworks are essentially the result of efforts of businesses to protect digital material from reproduction and sharing. However all Rights Expression Languages just allow copyright holders to express restrictions about the usage of a resource (for this reason, critics of those technologies often refer to them as “restrictions expression languages”), without being able to enforce by themselves the policies they convey. The usage of “trustworthy” systems (Coyle, 2003) and the application of international laws is necessary for actually enforcing the policies these languages allow to express.

Obfuscation is necessary for the realization of DRM restrictions on common PCs and other open systems, to make reverse engineering more difficult and protect in some way the decryption function. But in traditional cryptography, obfuscation has always been considered a poor solution, with uncertain resistance to attacks. In fact, obfuscation is the Achille’s heel of most DRM systems (Stamp, 2003). Moreover, in open systems the decryption function (generally a cryptographic key) can be gathered by scanning the system memory at runtime.

To overcome this problem, content producers are encouraging laws against circumvention of DRM policies. But another parallel effort is directed toward the realization of so-called Trusted Computing systems, composed only of approved hardware and software components, which can assure the respect of media access restrictions.